Updated: 11/14/2024. Originally posted: 11/08/2023
The holiday shopping season is here, and seems to come earlier every year. With Thanksgiving falling a week later this year, retailers have compensated for the compressed shopping period between Thanksgiving and Christmas, offering early sales events online and in-store – giving consumers more options to shop while retailers attempt to stay ahead of the competition.
One of the most significant shopping days of the year, Amazon Prime Day in October saw a total consumer spend of $942 million, which equates to an average order size of $57.97 and $152.33 for 60% of households that placed 2+ orders. Despite the massive spend, it was ~3% less than the total spend for last year’s October Prime Day, which was roughly ~$970 million, suggesting that consumers may be more restrained this year in their holiday spending.
Amazon isn’t the only retailer starting early. Many major retail brands announced in September that early sales events would begin the first week of October. Others have tripled-down on their holiday sales strategies to get ahead.
Large retailer Target not only started holiday sales in October, but also introduced their “Early Black Friday Sale” event held November 7-9, which will offer discounts store-wide both in-store and online. Target will also try to capture sales opportunities with their loyalty members with their “Deal of the Day” program that runs Nov. 1 through the rest of the season for Target Circle Members.
2024 Holiday Shopping Trends – Online and In-Store Growth
With nearly 92% of U.S. adults celebrating the winter holidays this year, planning ahead is a smart move for retailers and consumers alike. Holiday consumer spending is expected to reach a record $902 per person on average across gifts, food, decorations and other seasonal items – $25 per person more than last year and $16 higher than the previous record set in 2019. While consumers plan to shop early for holiday gifts, they will proceed with caution – budgeting, researching, and preparing for their purchases due to a flooded market of incentives and the promise of savings, according to the National Retail Federation (NRF).
Nearly half (45%) of holiday shoppers plan to browse and buy items before November, which is consistent with recent years and up from 40% 10 years ago. The top reasons for early shopping include spreading out their budget (59%), avoiding the stress of last-minute shopping (45%), avoiding crowds (42%) and pursuing prices or promotions that cannot be missed (42%). Despite the early start, most consumers (62%) anticipate finishing their shopping in December. – NRF
Despite the hustle and bustle of the season, today’s consumers still appreciate the in-store shopping experience when searching for a good deal. Coveo’s 2024 Holiday Shopper report reveals that over two-thirds (68%) of shoppers plan to visit one or more retail stores for Black Friday shopping and Cyber Monday. Shoppers will head to in-store destinations, such as department stores (46%), grocery stores (46%), while younger shoppers will look to thrift stores and resale shops to find gifts (45%) – NRF.
While in-store shopping continues to provide appeal, there is no denying that E-commerce has transformed the global retail industry. Online shopping remains the top shopping destination this year, with 57% of consumers planning on making their holiday purchases online. Today’s consumers have grown accustomed to the ease of shopping from their couch for Black Friday, Cyber Monday, Small Business Saturday, Super Saturday or any day in between – all while expecting exceptional service and even better deals. You can even order goods from online retailers just hours before Santa arrives.
E-commerce has revolutionized the holiday shopping experience and represents massive growth in just a few short years. Back in 2015, online sales reached $83 billion in the U.S. during November and December and 7.4% of total retail sales worldwide. In 2023, global online retail sales reached an estimated global 5.8 trillion U.S. dollars, with projections indicating a 39% growth rate over the coming years to exceed $8 trillion U.S. dollars by 2027.
NRF reports that, in spite of inflation, 2024 holiday sales will see an increase of 2.5% to 3.5%, bringing the total to between $979.5 billion and $989 billion. E-commerce holiday sales will reach between $289 billion and $294 billion this season, as reported by Deloitte, compared to $252 billion in 2023.
With Growth Comes Opportunity
As merchants are preparing for the largest shopping season of the year– so too do holiday scammers. A new study from Juniper Research revealed the value of E-commerce fraud will rise from $44.3 billion in 2024 to $107 billion in 2029; a growth of 141%. North America has the highest fraudulent transaction value globally, accounting for over 42% of ecommerce fraud. Shockingly, cumulative merchant losses to online payment fraud globally are predicted to exceed $343 billion between now and 2027.
Holiday Scammers Are Cashing in This Season
Verizon’s 2024 Data Breach Investigation report witnessed a substantial growth of attacks involving the exploitation of vulnerabilities as the critical path to initiate a breach – nearly tripling (180% increase) from last year. These attacks were primarily leveraged by Ransomware and other Extortion-related threat actors. As one might imagine, the main vector for those initial entry points was Web applications. Roughly one-third of all breaches involved Ransomware or some other Extortion technique. DBIR
Phishing emails remain one of the most prevalent forms of cybercrime and continue to be a top complaint received by the Federal Bureau of Investigation’s (FBI) Internet Crime Complaint Center (IC3). In 2023, phishing attacks grew by 58% – potential losses exceeding $12.5 billion – with 20% of phishing emails containing links to ransomware.
The rise of artificial intelligence (AI) has introduced new phishing tactics. Reports indicate a significant increase in AI-driven phishing attacks, with over 50 fake AI apps developed to deploy phishing attacks aimed at capturing user’s personal and payment data.
Recently, the FBI warned U.S. companies about the risk of dual ransomware attacks, where the same organization is targeted more than once in quick succession. The FBI recommends that companies review their security posture, maintain offline backups and critical data, and ensure those backups are encrypted.
Retail Data Security – Strategies and Tools to Safeguard Your Checkout from Fraud
Fraudsters will always look for vulnerabilities to steal consumer payment data, and although fraud prevention is not foolproof, there are several payment security strategies you can use to effectively reduce the risk of fraudulent activity. The following steps can help make your checkout process more secure.
- Enable security tools like reCAPTCHA. This service prevents automated bots or scripts from submitting payment forms and requires users to click a checkbox – like asking the users to match words with images in a simple puzzle – if malicious targeting is detected.
- Enabling CVV Verification. Enabling zip code validation, address verification, and CVV on the payment page adds another layer of security. CVVs are harder to compromise than card numbers and expiration dates, so requiring them on your payment form is optimal.
- Implement Transaction Velocity Checks. Merchants can turn on IP blocking rules and configure velocity checks that will automatically block transactions coming from unwanted sources while allowing transactions coming from specific IP addresses.
- Temporarily disable vulnerable forms. If all security protocols put in place still result in a compromise, temporarily disabling a payment form allows the merchant the ability to retain the page for future use without deleting the entire form.
- Verify users prior to displaying payment forms. Validating user sessions or requiring users to log in prior to accessing the payment form helps eliminate access by bad actors attempting card testing or validation of stolen credit cards.
- Use fraud-scoring tools. Bluefin encourages its merchants to learn more about Bluefin’s fraud-scoring tool, where they can leverage state-of-the-art machine learning models and established rules to identify good customers, analyze patterns and data, and highlight risky transactions.
- Bluefin also has various internal monitoring mechanisms through our PayConex™ payment gateway that help detect critical vulnerability indicators like high traffic in a short amount of time with the same attributes, low transaction values, increase in failed authorizations, and specific decline codes.
- Protect all data. It’s imperative that merchants make Personally Identifiable Information (PII), Protected Health Information (PHI), and cardholder data worthless on the web. Take advantage of our ShieldConex™ data security platform, which utilizes both hardware-based encryption and vaultless tokenization to secure sensitive data entered online.
Get a Jump Today on Potential Holiday Fraud
Regardless of what the holidays bring, Bluefin will be with you every step of the way — offering seamless PCI-validated Point-to-Point Encryption (P2PE) technology for POS transactions and ShieldConex® for e-commerce payments. Choosing Bluefin means you get:
- PHI, PII and payment data protection
- Minimized PCI footprint
- Retail Orchestration – the ability switch payment partners at will
- Vaultless tokenization, which means you own your own data
- 120+ validated P2PE devices and 27 Key Injection Facilities – that’s 10x more than our competitors
To keep your company safe and secure, contact Bluefin today and learn more about our security solutions.